Electronic Design

Protecting Soft IP

Much of the important intellectual property is soft, but it can be hard to protect.

When it comes to intellectual property (IP), software protection covers programs as well as content like music. Both can be easily copied and distributed electronically, which is good in most, but not all, instances. Programs and content can be easily modified, too, which presents another good/bad scenario. On top of that, anyone can use programs and content if they're in a suitable format.

Typically, protection, authentication, and encryption control how software IP is used. Protection can include encryption, but it also may involve copyrights, patents, and licensing. It can be addressed via legal means, as well as through additional hardware and software support. One extreme example of protection would be an actual locked box, while at the other extreme, digital rights management (DRM) systems employ encryption keys stored in a secure system on a chip (SoC).

Authentication comes into play in various ways. For example, a designer may want to remotely program a networked microcontroller. But the microcontroller's software may first require user authentication, user rights authentication, and authentication that the downloaded software wasn't modified. These operations can all take place securely on an open network like the Internet, even though the information is sent "in the clear." To keep the transaction from prying eyes, the information must be encrypted.

Hard Security
Software-only solutions have been the norm, but the more-available hardware-based encryption is gaining in stature. It addresses problems that software can't solve alone.

Keep in mind that hardware-based security actually pinpoints two parts of the puzzle. The first involves secure storage and manipulation of keys needed for encryption on which authentication is based. The second is hardware acceleration required to perform the necessary encryption and decryption in a reasonable amount of time.

A number of different products are available. Atmel's Secure Memory devices store small amounts of information (typically only the keys themselves) in an EEPROM and perform password and authentication protection. M-Systems' DiskOnKey and DiskOnChip implement security to protect flash memory that may contain applications and data. Going even further is Cirrus Logic's ARM9 series of microcontrollers. Its security on-chip uses the Maverick Key memory and the MaverickCrunch encryption engine.

The Security Builder GSE crafted by Certicom is part of the company's Security Architecture software, which runs on top of secure hardware. It provides a standard interface for applications to the underlying encryption and key management hardware. Very few standards exist in this area, even though encryption methods like the Advanced Encryption Standard (AES) are well accepted.

Encrypted memory and enhanced processors enable applications to communicate securely, but they don't guarantee the operation of the software running on the processor. The Trusted Computing Group (TCG) is pushing one approach that guarantees such an operation. Hardware controls the initial system startup and then authenticates the operating system before it runs. Subsequently, the trusted operating system can use the hardware for further communication and program execution. Not everyone is enthralled with TCG's "trusted computing," but some type of secure system will emerge in the near future. At this point, TCG implementations have the edge.

Securing Transmission
Regardless of how trusted the underlying system is, secure communication is where it's at. Secure sockets layer (SSL) and IPsec (that's Internet Protocol, not intellectual property) are used to implement virtual-private-network (VPN) connections. These protocols are standardized, and a host of products are available to take advantage of them. Performance Technology's PMC8300 storage and security accelerator module is an example of the latest technology designed to handle high-bandwidth, secure transmissions.

Software can be secured through encryption. Some microprocessors take this a step further by preventing prying eyes from getting a peek, even if the packaging is breached. These processors are primarily found in smart cards.

Software protection of a different kind can be handled using copyrights, patents, and licensing, in addition to the usual trade-secret approach. Open-source licenses like the General Public License (GPL) protect software if the intent is to keep changes public. The Open Source Initiative is a strong source of information for a range of open-source licenses.

Remember, not all secrets are good.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.